(
PHANDLE ThreadHandle,
ACCESS_MASK DesiredAccess,
LPVOID ObjectAttributes,
HANDLE ProcessHandle,
LPTHREAD_START_ROUTINE lpStartAddress,
LPVOID lpParameter,
BOOL CreateSuspended,
DWORD64 dwStackSize,
DWORD64 dw1,
DWORD64 dw2,
LPVOID Unknown
);
PFunc=GetProcAddress call (GetModuleHandle (L "NTDLL. DLL)", "NtCreateThreadEx");
If (pFunc==NULL)
{
Printf (" MyCreateRemoteThread () : GetProcAddress call (\ "NtCreateThreadEx ") call failed! Error code: % d/n ",
GetLastError ());
return FALSE;
}
(PFNTCREATETHREADEX pFunc) (
& HThread,
0 x1fffff,
NULL,
HProcess,
PThreadProc,
PRemoteBuf,
FALSE,
NULL,
NULL,
NULL,
NULL); If (hThread==NULL)
{
Printf (" MyCreateRemoteThread () : NtCreateThreadEx () call fails! Error code: [] % d/n ", GetLastError ());
return FALSE;
}
Above is VC source code, the following is my translation of the Delphi code:
TNtCreateThreadEx=function (ThreadHandle: THandle;
DesiredAccess: ACCESS_MASK;
ObjectAttributes: Pointer;
ProcessHandle: THandle;
LpStartAddress: TFNThreadStartRoutine;
LpParameter: Pointer;
CreateSuspended: BOOL;
The dwStackSize: Int64;
Dw1: Int64;
Dw2: Int64;
Unknown: Pointer) : Int64;
PFunc:=GetProcAddress call (GetModuleHandle (' NTDLL. DLL '), 'NtCreateThreadEx');
If pFunc=nil then
The begin
ShowMessage (IntToStr (GetLastError));
Result:=0;
end;
TNtCreateThreadEx (pFunc) (hThread, $1 FFFFF, nil, hRemoteProcess, pfnStartAddr, pszLibFileRemote, False, 0, 0, nil);
If hThread=0 then
The begin
ShowMessage (' NtCreateThreadEx () call fails! Error code: '+ inttostr GetLastError ());
Result:=0;
end;
My translation is wrong, please? Please more! Thank you ~ only so many points, all gave!
CodePudding user response:
PFunc what type is this?